<?php
class PublicAction extends Action {
	public function index() {
		header ( "Content-Type:text/html; charset=utf-8" );
		
		$this->checkLogin ();
	}
	public function login() {
		$this->display ( login2 );
	}
	public function checkLogin() {
		Load ( 'extend' );
		$username = $_POST ['username'];
		$password = $_POST ['password'];
		$verify = $_POST ['verify'];
		// 判断后台跳转到首页
		if ($username == '' || $password == '' || $verify == '') {
			redirect ( C ( 'cms_admin' ) . '?s=Public/login' );
		}
		// 生成认证条件
		$map = array ();
		// 支持使用绑定帐号登录
		$map ['username'] = $username;
		$map ['status'] = 1;
		if ($_SESSION ['verify'] != md5 ( $verify )) {
			
			$this->error ( '验证码错误！' );
		}
		import ( 'ORG.Util.RBAC' );
		$authInfo = RBAC::authenticate ( $map );
		// 使用用户名、密码和状态的方式进行认证
		if (false == $authInfo) {
			$this->error ( '帐号不存在或已禁用！' );
		} else {
			if ($authInfo ['password'] != md5 ( $password )) {
				$this->error ( '密码错误！' );
			}
			$_SESSION [C ( 'USER_AUTH_KEY' )] = $authInfo ['id'];
			$_SESSION ['userid'] = $authInfo ['id']; // 用户ID
			$_SESSION ['username'] = $authInfo ['username']; // 用户名
			$_SESSION ['roleid'] = $authInfo ['role']; // 角色ID
			
			if ($authInfo ['username'] == C ( 'SPECIAL_USER' )) {
				$_SESSION [C ( 'ADMIN_AUTH_KEY' )] = true;
			}
			
			// 保存登录信息
			$User = M ( C ( 'USER_AUTH_MODEL' ) );
			$ip = get_client_ip ();
			$data = array ();
			if ($ip) { // 如果获取到客户端IP，则获取其物理位置
				import ( 'ORG.Net.IpLocation' ); // 导入IpLocation类
				$Ip = new IpLocation (); // 实例化类
				$location = $Ip->getlocation ( $ip ); // 获取某个IP地址所在的位置
				$data ['last_location'] = '';
				if ($location ['country'] && $location ['country'] != 'CZ88.NET')
					$data ['last_location'] .= $location ['country'];
				if ($location ['area'] && $location ['area'] != 'CZ88.NET')
					$data ['last_location'] .= ' ' . $location ['area'];
			}
			
			$data ['id'] = $authInfo ['id'];
			$data ['last_login_time'] = time ();
			$data ['last_login_ip'] = get_client_ip ();
			$User->save ( $data );
			
			// 缓存访问权限
			RBAC::saveAccessList ();
			redirect ( C ( 'cms_admin' ) . '?s=Index/index' );
		}
	}
	public function logout() {
		if ($_SESSION [C ( 'USER_AUTH_KEY' )]) {
			$_SESSION [C ( 'USER_AUTH_KEY' )] = null;
			$_SESSION [C ( 'ADMIN_AUTH_KEY' )] = false;
			session_unset ();
			redirect ( C ( 'cms_admin' ) . '?s=Public/login' );
		} else {
			$this->error ( '已经登出！' );
		}
	}
	
	// 验证码
	Public function verify() {
		import ( "ORG.Util.Image" );
		Image::buildImageVerify ();
	}
}